Cyber Attacks Explained

Available Downloads

The small Baltic country of Estonia was the target of a series of cyber attacks in May 2007. These were "denial of service" attacks, where an attacker floods the target network with bogus messages, causing its servers (computers that serve as a hub in a network) to slow or shut down.

The attacks caused grave concern among NATO officials, in large part because, at first, Russia was blamed. This attribution was wrong, in the sense that the attacks were not launched from Russian government computers. Like many things in cyberspace, it was difficult to tell who was at the other end of the Internet. Attribution in the Estonia case was made even harder by the use of "botnets." Botnets—short for robot networks—are the big new thing in cyber crime. A cyber criminal takes remote control of a computer by surreptitiously loading software on it. Most consumers don’t know that their computers have been compromised. Some botnets are huge, using tens of thousands of computers around the world. Having these gigantic criminal networks simultaneously send thousands of messages every minute overburdened Estonian servers and caused them to crash.

Attacks, crashes, robots—sounds like a war—and many commentators saw this as the first "cyber war." This was, of course, completely erroneous. Botnets are used all the time—they are the source of most spam—and are nothing special for cyber crime. This was not the first time that a government had seen foreign protestors attack servers and Web sites with botnets, hacks, and graffiti. China, Israel, India, Pakistan, and the United States have seen similar attacks, albeit on a smaller scale.

Image
James Andrew Lewis
Senior Vice President; Pritzker Chair; and Director, Strategic Technologies Program